How the ransomware epidemic is affecting your company, even when you don’t get hit.
January 13, 2022 •
While the world limps through yet another brutal wave of the COVID-19 pandemic, a quieter epidemic continues to rise, unnoticed by most of the worldwide population. We’re referring, of course, to the ransomware epidemic. As we discussed in our last blog post on cybersecurity insurance, ransomware attacks are on the rise, both in frequency and severity, and experts predict that this trend will continue over the next ten years.
Cybersecurity Ventures predicted that by 2031, the cost of ransomware will rise to a startling $256 billion USD annually, and that there will be a new ransomware attack globally every 2 seconds.
Colonial Pipeline, the energy company that supplies almost half the fuel to the East Coast of the United States, made headlines when ransomware attackers shut down operations for five days in May. Almost $5 million USD worth of bitcoin was paid to the ransomware group, DarkSide, to get operations back online, and only half of that was recovered by United States authorities. It’s considered one of the largest attacks on American infrastructure by hackers ever. 2021 also saw the highest ransomware fee demanded of all time, when the Sodinokibi ransomware group asked Kaseya, an IT solutions company, to pay $70 million USD.
But what’s causing this dramatic rise in ransomware attacks, and more importantly, how can you protect yourself from the direct and indirect effects of it?
Before the COVID-19 pandemic began in early 2020, cyber criminals were a nuisance, but for the most part the average company wasn’t affected by their presence. Since March of 2020 though, more employees than ever before are now working at home using less secure networks through remote access. This is the environment that cyber attackers have been able to thrive in. With innovative phishing techniques and new alarming ransomware variants, cyber crime is more prevalent than ever.
How is this affecting virtually every industry?
Even if your company hasn’t been directly affected by a ransomware attack, it’s likely that you’re feeling the effects of this phenomenon anyways. For example, maybe a company in your supply chain has been hit by a ransomware attack and disrupted supply for a few days. Or perhaps one of the third party cloud solutions your company utilizes has been attacked by the ever-increasing hits against the Internet of Things (IoT).
The large ransomware attacks mentioned earlier are perfect examples of the trickle-down effect of the rise in these attacks. The Colonial Pipeline attack caused panic-induced price increases and shortages — the price of gas rose above $3/gallon for the first time since 2014, and some states had to enact temporary price gouging laws. The Kaseya attack caused 800 supermarkets in Sweden to close, the servers and workstations of 1000 companies encrypted, more than 70 MSPs impacted, causing over 350 companies downstream of those MSPs to feel the effects as well.
Cybersecurity insurance is one of the largest industries affected.
A lesser-understood impact of the ransomware epidemic is it’s effect on cybersecurity insurance. Cybersecurity insurance used to be a little-known but effective tool for companies in high-risk environments to protect against major losses from ransomware attacks. As cyber insurance became a more popular tool for more companies, and ransomware attacks continued to increase, the financial burden of these attacks was shifted from companies to insurers, and they have responded in kind.
The insurance companies that have stayed in the cyber insurance space have turned to sophisticated monitoring and assessment tools to determine the risk level of prospective clients, and have begun to use those tools to determine premium cost, coverage levels, and even whether to grant coverage at all. If you’ve seen a rise in your insurance premiums, had your coverage reduced, or perhaps been asked to fill out an MFA attestation form, you can blame ransomware attackers.
What can companies do to stay safe?
The traditional wisdom about having a secure password and training your employees on how to recognize a phishing email isn’t unimportant, but companies have to start meeting the level of sophistication of these attacks with sophisticated cybersecurity solutions.
Comprehensive and secure backups, Endpoint Detection and Response (EDR) tools, and password managers are all important tools in protecting your company against hackers. However, the best way to prevent a ransomware attack, and the number one thing that cybersecurity insurers say they are looking for, is enabling multi-factor authentication (MFA) wherever possible.
Let’s examine the Colonial Pipeline attack once again. Investigators after the attack discovered that if MFA had been enabled on the compromised account, hackers would not have been able to gain access to the systems, and the attack would have been prevented. Last year Jim Alcove, the CTO of Salesforce, said “passwords alone can no longer protect against unauthorized access and security attacks” and that “MFA is the most direct and effective way” to prevent “unauthorized account access”.
It’s a clear message from top industry professionals, cyber crime investigators, and cybersecurity insurance providers: MFA is the vaccine for the ransomware epidemic.
Talk to us today about how you can protect your company from all the effects of ransomware with LoginTC’s simple and secure MFA solution.